1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 341:

    What is IPsec Perfect Forwarding Secrecy (PFS)?

    A. A phase-1 setting that allows the use of symmetric encryption.
    B. A phase-2 setting that allows the recalculation of a new common secret key each time the session key expires.
    C. A `key-agreement' protocol.
    D. A `security-association-agreement' protocol.

  • Question 342:

    Based on the web filtering configuration illustrated in the exhibit,

    which one of the following statements is not a reasonable conclusion?

    A. Users can access both the www.google.com site and the www.fortinet.com site.
    B. When a user attempts to access the www.google.com site, the FortiGate unit will not perform web filtering on the content of that site.
    C. When a user attempts to access the www.fortinet.com site, any remaining web filtering will be bypassed.
    D. Downloaded content from www.google.com will be scanned for viruses if antivirus is enabled.

  • Question 343:

    View the Exhibit.

    The administrator needs to confirm that FortiGate 2 is properly routing that traffic to the 10.0.1.0/24 subnet. The administrator needs to confirm it by sending ICMP pings to FortiGate 2 from the CLI of FortiGate 1. What ping option needs to be enabled before running the ping?

    A. Execute ping-options source port1
    B. Execute ping-options source 10.200.1.1.
    C. Execute ping-options source 10.200.1.2
    D. Execute ping-options source 10.0.1.254

  • Question 344:

    Which of the following statements is not correct regarding virtual domains (VDOMs)?

    A. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units.
    B. A management VDOM handles SNMP, logging, alert email, and FDN-based updates.
    C. A backup management VDOM will synchronize the configuration from an active management VDOM.
    D. VDOMs share firmware versions, as well as antivirus and IPS databases.
    E. Only administrative users with a super_admin profile will be able to enter all VDOMs to make configuration changes.

  • Question 345:

    Which statements about antivirus scanning using flow-based full scan are true? (Choose two.)

    A. The antivirus engine starts scanning a file after the last packet arrives.
    B. It does not support FortiSandbox inspection.
    C. FortiGate can insert the block replacement page during the first connection attempt only if a virus is detected at the start of the TCP stream.
    D. It uses the compact antivirus database.

  • Question 346:

    Encrypted backup files provide which of the following benefits? (Select all that apply.)

    A. Integrity of the backup file is protected since it cannot be easily modified when encrypted.
    B. Prevents the backup file from becoming corrupted.
    C. Protects details of the device's configuration settings from being discovered while the backup file is in transit. For example, transferred to a data centers for system recovery.
    D. A copy of the encrypted backup file is automatically pushed to the FortiGuard Distribution Service (FDS) for disaster recovery purposes. If the backup file becomes corrupt it can be retrieved through FDS.
    E. Fortinet Technical Support can recover forgotten passwords with a backdoor passphrase.

  • Question 347:

    Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. How are UTM features applied to traffic?

    A. One or more UTM features are enabled in a firewall policy.
    B. In the system configuration for that UTM feature, you can identify the policies to which the feature is to be applied.
    C. Enable the appropriate UTM objects and identify one of them as the default.
    D. For each UTM object, identify which policy will use it.

  • Question 348:

    What methods can be used to deliver the token code to a user that is configured to use two-factor authentication? (Choose three.)

    A. Browser pop-up window.
    B. FortiToken.
    C. Email.
    D. Code books.
    E. SMS phone message.

  • Question 349:

    A FortiGate unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are possible reasons for this? (Select all that apply.)

    A. The external facing interface of the FortiGate unit is configured to use DHCP.
    B. The FortiGate unit has not been registered.
    C. There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network and no override push IP is configured.
    D. The FortiGate unit is in Transparent mode which does not support push updates.

  • Question 350:

    The command structure of the FortiGate CLI consists of commands, objects, branches, tables, and parameters. Which of the following items describes user?

    A. A command
    B. An object
    C. A table
    D. A parameter.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.